Add DocuSign to the list of supported providers

2 years ago · 491cf85d16
7 changed files with 43 additions and 20 deletions
--- a/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Startup.cs
+++ b/sandbox/OpenIddict.Sandbox.AspNetCore.Server/Startup.cs
@ -181,7 +181,7 @@ public class Startup
                //        .SetClientId("resource_server")
                //        .SetClientSecret("80B552BB-4CD8-48DA-946E-0815E0147DD2");
                //
-                // When introspection is used, System.Net.Http integration must be enabled.
+                // When introspection is used, the System.Net.Http integration must be enabled.
                //
                // options.UseSystemNetHttp();

--- a/sandbox/OpenIddict.Sandbox.Console.Client/InteractiveService.cs
+++ b/sandbox/OpenIddict.Sandbox.Console.Client/InteractiveService.cs
@ -207,9 +207,10 @@ public class InteractiveService : BackgroundService
                AnsiConsole.MarkupLine("[yellow]The authorization was denied by the end user.[/]");
            }

-            catch
+            catch (Exception exception)
            {
-                AnsiConsole.MarkupLine("[red]An error occurred while trying to authenticate the user.[/]");
+                AnsiConsole.MarkupLine("[red]An error occurred while trying to authenticate the user:[/]");
+                AnsiConsole.WriteException(exception);
            }
        }

--- a/src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs
+++ b/src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs
@ -72,8 +72,8 @@ public static partial class OpenIddictClientAspNetCoreHandlers
        ProcessStatusCodePagesErrorResponse<ProcessErrorContext>.Descriptor,
        ProcessLocalErrorResponse<ProcessErrorContext>.Descriptor,

-        ..Authentication.DefaultHandlers,
-        ..Session.DefaultHandlers
+        .. Authentication.DefaultHandlers,
+        .. Session.DefaultHandlers
    ];

    /// <summary>
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs
@ -136,7 +136,8 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                    context.Configuration.GrantTypesSupported.Add(GrantTypes.Implicit);
                }

-                else if (context.Registration.ProviderType is ProviderTypes.Asana or ProviderTypes.Slack)
+                else if (context.Registration.ProviderType is
+                    ProviderTypes.DocuSign or ProviderTypes.Asana or ProviderTypes.Slack)
                {
                    context.Configuration.GrantTypesSupported.Add(GrantTypes.RefreshToken);
                }
@ -181,7 +182,7 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                    context.Configuration.CodeChallengeMethodsSupported.Add(CodeChallengeMethods.Sha256);
                }

-                else if (context.Registration.ProviderType is ProviderTypes.Salesforce)
+                else if (context.Registration.ProviderType is ProviderTypes.DocuSign or ProviderTypes.Salesforce)
                {
                    context.Configuration.CodeChallengeMethodsSupported.Add(CodeChallengeMethods.Sha256);
                }
@ -216,7 +217,14 @@ public static partial class OpenIddictClientWebIntegrationHandlers
                // While it is a recommended node, some providers don't include "scopes_supported" in their
                // configuration and thus are treated as OAuth 2.0-only providers by the OpenIddict client.
                // To avoid that, the "openid" scope is manually added to indicate OpenID Connect is supported.
-                if (context.Registration.ProviderType is ProviderTypes.EpicGames or ProviderTypes.Xero)
+
+                if (context.Registration.ProviderType is ProviderTypes.DocuSign)
+                {
+                    context.Configuration.ScopesSupported.Remove("OpenId");
+                    context.Configuration.ScopesSupported.Add(Scopes.OpenId);
+                }
+
+                else if (context.Registration.ProviderType is ProviderTypes.EpicGames or ProviderTypes.Xero)
                {
                    context.Configuration.ScopesSupported.Add(Scopes.OpenId);
                }
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs
@ -649,9 +649,9 @@ public static partial class OpenIddictClientWebIntegrationHandlers
            context.DisableBackchannelIdentityTokenNonceValidation = context.Registration.ProviderType switch
            {
                // These providers don't include the nonce in their identity tokens:
-                ProviderTypes.Asana    or ProviderTypes.Dropbox          or
-                ProviderTypes.LinkedIn or ProviderTypes.QuickBooksOnline or
-                ProviderTypes.WorldId => true,
+                ProviderTypes.Asana            or ProviderTypes.DocuSign or
+                ProviderTypes.Dropbox          or ProviderTypes.LinkedIn or
+                ProviderTypes.QuickBooksOnline or ProviderTypes.WorldId => true,

                _ => context.DisableBackchannelIdentityTokenNonceValidation
            };
--- a/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
+++ b/src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationProviders.xml
@ -338,6 +338,20 @@
    </Environment>
  </Provider>

+  <!--
+                                        ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
+                                        ██ ▄▄▀██ ▄▄▄ ██ ▄▄▀██ ██ ██ ▄▄▄ █▄ ▄██ ▄▄ ██ ▀██ ██
+                                        ██ ██ ██ ███ ██ █████ ██ ██▄▄▄▀▀██ ███ █▀▀██ █ █ ██
+                                        ██ ▀▀ ██ ▀▀▀ ██ ▀▀▄██▄▀▀▄██ ▀▀▀ █▀ ▀██ ▀▀▄██ ██▄ ██
+                                        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
+  -->
+
+  <Provider Name="DocuSign" Id="3133a058-b516-4d21-be9a-96c62fff7862"
+            Documentation="https://developers.docusign.com/platform/auth/authcode/authcode-get-token/">
+    <Environment Name="Production"  Issuer="https://account.docusign.com/" />
+    <Environment Name="Development" Issuer="https://account-d.docusign.com" />
+  </Provider>
+
  <!--
                                          ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
                                          ██ ▄▄▀██ ▄▄▀██ ▄▄▄ ██ ▄▄ ██ ▄▄▀██ ▄▄▄ █▄▀█▀▄██
--- a/src/OpenIddict.Client/OpenIddictClientHandlers.cs
+++ b/src/OpenIddict.Client/OpenIddictClientHandlers.cs
@ -183,15 +183,15 @@ public static partial class OpenIddictClientHandlers
        AttachErrorParameters.Descriptor,
        AttachCustomErrorParameters.Descriptor,

-        ..Authentication.DefaultHandlers,
-        ..Device.DefaultHandlers,
-        ..Discovery.DefaultHandlers,
-        ..Exchange.DefaultHandlers,
-        ..Introspection.DefaultHandlers,
-        ..Protection.DefaultHandlers,
-        ..Revocation.DefaultHandlers,
-        ..Session.DefaultHandlers,
-        ..Userinfo.DefaultHandlers
+        .. Authentication.DefaultHandlers,
+        .. Device.DefaultHandlers,
+        .. Discovery.DefaultHandlers,
+        .. Exchange.DefaultHandlers,
+        .. Introspection.DefaultHandlers,
+        .. Protection.DefaultHandlers,
+        .. Revocation.DefaultHandlers,
+        .. Session.DefaultHandlers,
+        .. Userinfo.DefaultHandlers
    ];

    /// <summary>